[lug] "ALL: PARANOID" in /etc/hosts.deny
M Katherine Pagoaga
pagoaga at boulder.nist.gov
Mon Feb 28 09:02:32 MST 2000
"McIllece, Matthew W" wrote:
>
> That's pretty slick! Does hosts_access automatically fill in the IP address
> for %a and the port number for %d?
Yes. In the hosts_access man page you will see that there are several other
expansions that can be used. I tried them all and these were the ones I settled
on. The only other one which might be of interest is %p which gives the pid.
>
> Does the PARANOID setting not work with the new format? Why didn't you use
> it?
I hadn't tried it up until now. We are behind a firewall, so I didn't work with
it for our internal clients to talk to each other. My version of tcp_wrappers
has paranoid on and the makefile documentation says it will work. I just
replaced the second ALL with PARANOID it on my personal machine and it lets the
rpc request from a disallowed machine through without a warning e-mail message.
I would probably have to work with it more to see what the problem is.
--
Katherine Pagoaga e-mail: pagoaga at boulder.nist.gov
National Institute of Standards and Technology Fax: 303-497-7696
Mailstop 896, 325 Broadway Phone: 303-497-5104
Boulder, CO USA 80303-3328 Opinions expressed do not represent NIST.
More information about the LUG
mailing list